The email, titled “Reimbursement Plan,” claimed to be associated with cryptocurrency trading platform 3Commas and led users to claim their “share” of the reimbursement plan by clicking a malicious link, according to a copy seen by Techopedia.
“We are delighted to share that you are now eligible for reimbursement in response to the hacks we suffered, which resulted in the disclosure of customer API keys,” the phishing email read.
— M (@KukraniMahesh) November 2, 2023
However, the company quickly warned its users, clarifying that the fraudulent emails were not sent from the 3Commas platform. “We strongly advise against engaging with any suspicious links or disclosing personal information in response to unsolicited emails,” the company said.
The company urged affected users to take immediate action by logging into their 3Commas accounts and resetting their passwords. Additionally, it recommended activating Two-Factor Authentication (2FA) using Google Authenticator to enhance security.
These phishing emails were distributed through an email service called Mailmuch.io. 3Commas promptly reported the incident to the email service provider, now taking steps to suspend the malicious account.
It’s important to note that the deceptive emails may come from various addresses, but a few examples included contact[at]salams[dot]app and info[at]unlayer[dot]com.
Aside from 3Commas, scammers have also been trying to impersonate other significant players in the crypto industry. For instance, they have targeted users of Uniswap, MetaMask, and Lido Finance with phishing emails claiming to offer rewards and airdrops.
A fake email purporting to be from Lido reads:
“LDO Airdrop can be claimed by early Lido stakers. Here you can find a list of addresses for which airdrops are available. Click the “Claim airdrop” button below to visit our claims page. Connect your wallet with either MetaMask or WalletConnect & check eligibility.”
With one click, an unsuspecting user could find themselves in their wallet, authorizing a connection to let a scammer straight into their funds.
An email purporting to be from MetaMask, again with a direct link to WalletConnect, reads:
“Dear Metamask Community,
“Introducing the Metamask $2 Million Ethereum Airdrop!
“We hope this message finds you well. We have some thrilling news to share that will make your crypto journey even more exciting. Metamask is proud to announce our largest Airdrop ever, and we want you to be a part of it!”
And similarly, for Uniswap:
“Thanks for your interest in the Uniswap Labs’ Newsletter!
“You’ve received this message because your email address has been registered with our site. Please click the button below to verify your email address and confirm that you are the owner of this account.
“After confirming your email, receive your complimentary $UNI sent to your connected address.”
These are just a few examples of many phishing attempts — all driving you to connect your wallet in return for an airdrop or reward, and all of them playing on the old adage: “They offer you something for nothing, and in return, they give you nothing for something.”
Bitfinex Exchange Faces Security Incident
In another major security incident, a customer support agent at Bitfinex fell victim to a hacking attempt, leading to a series of phishing attacks targeting several users between October 30 and November 5.
The breach occurred through the phishing of a customer support agent who had access to partial information, the exchange said in a recent press release. According to Bitfinex, the agent did not possess senior permissions and had limited access to supporting tools and help desk tickets.
The exchange assured customers that the impact was minimal, with no significant damage occurring. It also emphasized that its systems remained uncompromised, and no customer funds were lost during the incident.
“At no time were customer assets on the platform at risk, nor was password information accessible,” Bitfinex said, adding that it is actively reviewing the incident and the compromised information and is contacting all affected customers to provide further assistance.
How to Protect Against Phishing Scams
To protect themselves against crypto phishing scams, users should adopt a skeptical approach when dealing with emails. It is essential to treat every email with caution, especially those that claim to be from crypto platforms or service providers.
Additionally, users must pay close attention to the sender’s email address. Phishing emails often mimic legitimate addresses but contain slight variations or misspellings. It is recommended that users double-check the sender’s details and compare them to official contacts provided by the crypto platform or service.
It is also important to verify URLs before clicking on them. Users can hover their cursor over any links in the email without clicking on them to reveal the actual URL, making sure that the URL matches the official website of the crypto platform or service.
Likewise, users must be wary of direct messages received on Discord, Telegram, or Twitter, particularly if they claim to be team members or ask you to connect to a “dapp” (a decentralized application).
Moreover, implementing 2FA adds an extra layer of security to your crypto accounts. By requiring a second verification step, such as a unique code generated by an authentication app, users significantly reduce the risk of unauthorized access.
As the crypto industry continues to thrive, users need to remain vigilant and skeptical of any unsolicited communication. By adopting specific safety measures, crypto enthusiasts can safeguard their assets and ensure a secure digital experience.